Ethical Hacking Essentials Exam Prep
Identify the type of password attack that does not require any technical knowledge about hacking or system exploitation. A. non-electronic attack B. active online attack C. offline attack D. passive online attack
A. non-electronic attack
Clark, a security specialist, was instructed to enhance the security of the IoT infrastructure of the client organization. He employed an IoT security solution that helped him protect the IoT devices and networks from different cyberattacks. Identify the tool employed by Clark to protect IoT infrastructure. A. WinHex B. FortiNAC C. Hex Editor Neo D. IDA Pro
B. FortiNAC
Which of the following types of trojan uses port number 445 to infect the target system entry and exit points for application traffic? A. shamoon B. WannaCry C. hackers paradise D. Mspy
B. WannaCry
Identify the NIST cloud deployment reference architecture entity that acts as an intermediary and provides connectivity and transport services between CSPs and cloud consumers. A. cloud provider B. cloud carrier C. cloud auditor D. cloud broker
B. cloud carrier
Which of the following viruses combines the approach of file infectors and boot record infectors and attempts to simultaneously attack both the boot sector and executable or program files? A. system or boot-sector viruses B. cluster viruses C. multipartite viruses D. macro viruses
C. multipartite viruses
Identify the attack that is likely to be performed by the attacker if the web server and application have HTTP response-splitting flaws. A. directory traversal attack B. web server C. web cache poisoning attack D. DNS poisoning attack
C. web cache poisoning attack
In which of the following layers of the vulnerability stack do attackers flood the switches with numerous requests that exhaust the CAM table, causing it to behave like a hub? A. layer 5 B. layer 3 C. layer 7 D. layer 2
D. layer 2
Which of the following practices can make a network or system vulnerable to DoS/DDoS attacks? A. enable TCP SYN cookie protection B. prevent return addresses from being overwritten C. prevent the use of unnecessary functions such as gets and strcpy D. prevent implementation of cognitive radios in the physical layer
D. prevent implementation of cognitive radios in the physical layer
Lopez, a penetration tester, executes different phases of the hacking cycle in her organization. She detects that the network is susceptible to password cracking, buffer overflows, denial of service, and session hijacking attacks. Identify the hacking phase Lopez was executing in the above scenario. A. gaining access B. clearing tracks C. scanning D. maintaining access
A. gaining access
James, a student, was curious about hacking. Although he does not possess much knowledge about the subject, he initiated a DoS attack on a website using freely available tools on the Internet. As the website already has some sort of security controls, it detected unusual traffic and blocked James's IP address. Which of the following types of threat sources is discussed in the above scenario? A. structured external threats B. natural threats C. unstructured external threats D. unintentional threats
C. unstructured external threats
Which of the following built-in tools of Burp Suite is used for testing the randomness of session tokens? A. sequencer tool B. repeater tool C. intruder tool D. intercepting proxy
A. sequencer tool
Which of the following Google advanced search operators displays websites that are similar to the URL specified? A. info B. related C. allinurl D. cache
B. related
Which of the following practices is NOT a countermeasure against Bluetooth attacks? A. use a VPN for secure connections between Bluetooth devices B. do not accept any unknown or unexpected request for pairing C. disable automatic connections to public Wi-Fi networks D. keep the device in the discoverable mode
D. keep the device in the discoverable mode
Identify the type of virus that overwrites a part of the host file with a null constant without increasing the length of the file and maintains a constant file size when infecting, which allows the virus to evade detection. A. cavity virus B. shell virus C. metamorphic virus D. file-extension virus
A. cavity virus
Daniel, an employee working from home, was assigned a task to complete within a half-day, but due to frequent power failures at his residential area, he failed to accomplish the task. Which of the following threats was demonstrated in the above scenario? A. natural threats B. internal threats C. unstructured external threats D. structured external threats
A. natural threats
Identify the element of information security that refers to the quality of being genuine or uncorrupted as a characteristic of any communication, documents, or any data. A. integrity B. authenticity C. availability D. confidentiality
B. authenticity
Kevin, a professional hacker, was hired to break into an organization's network and gather sensitive information. Kevin installed a virus that will be triggered when a specific date/time is reached, using which he can gain remote access and retrieve sensitive information. Identify the type of virus used by Kevin in the above scenario. A. metamorphic virus B. logic bomb virus C. polymorphic virus D. file-extension virus
B. logic bomb virus
Identify the trojan that uses port number 443 to infect the target systems and propagate malicious software to other systems. A. shamoon B. remote grab C. WannaCry D. emotet
D. emotet
Which of the following is an anti-phishing tool that provides updated information about sites that users often visit and blocks harmful websites? A. Netcraft B. Unicornscan C. Nbtstat D. LUCY
A. Netcraft
Jade, a professional hacker, was planning to enter the premises of an organization that allows access only to authorized persons. For this purpose, he creates a fake ID resembling the ID of the office staff and enters the restricted area by closely following an authorized person through a door that requires key access. Identify the type of attack performed by Jade in the above scenario. A. tailgating B. vishing C. dumpster diving D. pharming
A. tailgating
Identify the attack technique that purely targets hardware devices by exploiting their security flaws and causes irreversible damage to the system hardware, requiring the victim to replace the hardware. A. ARP spoofing B. MAC flooding C. DHCP starvation D. Phlashing
D. Phlashing
Eyan, a professional hacker, developed malicious code that contains a sequence of commands that can take advantage of a bug or vulnerability in a digital system or device. He used the malicious code to spy on information, install malware, and compromise system security. Identify the component of the malware developed by Eyan in the above scenario. A. dropper B. crypter C. downloader D. exploit
D. exploit
Which of the following application security risks occurs when untrusted data is sent to an interpreter as part of a command or query, according to the OWASP? A. A1 - injection B. A3 - sensitive data exposure C. A4 - XML External Entity (XXE) D. A6 - security misconfiguration
A. A1 - injection
Which of the following terms refers to the outermost boundary of a network zone that acts as a point of separation between the interior and exterior of a zone, where the cybersecurity controls are implemented? A. network perimeter B. business network C. critical infrastructure D. zones and conduits
A. network perimeter
Identify the term that refers to IT professionals who employ their hacking skills for defensive purposes, such as auditing their systems for known vulnerabilities and testing the organization's network security for possible loopholes and vulnerabilities. A. hacker B. ethical hacker C. attacker D. cracker
B. ethical hacker
Which of the following types of trojan tricks regular computer users into downloading trojan-infected files to their systems through URL redirection and, post-download, connects back to the attacker using IRC channels? A. defacement trojans B. e-banking trojans C. botnet trojans D. rootkit trojans
C. botnet trojans
Identify the Nbtstat parameter that lists the contents of the NetBIOS name cache, the table of NetBIOS names, and their resolved IP addresses. A. -R B. -r C. -S D. -c
D. -c
Which of the following components of a web server is located between the web client and web server to pass all the requests and is also used to prevent IP blocking and maintain anonymity? A. virtual hosting B. virtual document tree C. web proxy D. server root
C. web proxy
Identify the type of attack vector that focuses on stealing information from the victim machine without its user being aware and tries to deliver a payload affecting computer performance. A. APT attack B. botnet C. insider attack D. phishing
A. APT attack
Which of the following is a U.S. government repository of standards-based vulnerability management data and enables the automation of vulnerability management, security measurement, and compliance? A. National Vulnerability Database (NVD) B. Common Vulnerabilities and Exposures (CVE) C. Common Weakness Enumeration (CWE) D. Common Vulnerability Scoring System (CVSS)
A. National Vulnerability Database (NVD)
Which of the following viruses stores itself with the same filename as the target program file, infects the computer upon executing the file, and uses DOS to run COM files before executing EXE files? A. camouflage viruses B. file-extension viruses C. armored viruses D. logic bomb viruses
A. camouflage viruses
Ruby, a hacker, visited her target company disguised as an aspiring candidate seeking a job. She noticed that certain sensitive documents were thrown in the trash near an employee's desk. She collected these documents, which included critical information that helped her to perform further attacks. Identify the type of attack performed by Ruby in the above scenario. A. close-in attack B. passive attack C. insider attack D. active attack
A. close-in attack
Don, a professional hacker, targeted Johana's official email to steal sensitive information related to a project. Using a password cracking tool, Don tried all the possible combinations of password characters until it was cracked. Identify the type of password attack performed by Don in the above scenario. A. wire tapping B. brute-force attack C. hash injection D. spyware
B. brute-force attack
Given below are the various phases of hacking. 1. Reconnaissance 2. Gaining access 3. Maintaining access 4. Clearing tracks 5. Scanning What is the correct sequence of phases involved in hacking? A. 3 -> 1 -> 2 -> 5 -> 4 B. 1 -> 2 -> 4 -> 5 -> 3 C. 1 -> 5 -> 2 -> 3 -> 4 D. 1 -> 2 -> 3 -> 4 -> 5
C. 1 -> 5 -> 2 -> 3 -> 4
Which of the following port numbers is used by trojans such as Silencer and WebEx? A. 1177 B. 1011 C. 1001 D. 1170
C. 1001
Which of the following tools includes scanners such as comprehensive security scanners and port scanners and provides information such as NetBIOS names, configuration info, open TCP and UDP ports, transports, and shares? A. TorBrowser B. Netcraft C. MegaPing D. ShellPhish
C. MegaPing
Which of the following malware programs can replicate, execute, and spread across network connections independent of human intervention? A. botnet B. trojans C. worms D. keyloggers
C. worms
Don, a professional hacker, targeted Bob to steal the credentials of his bank account. Don lured Bob to install malicious software embedded with a keylogger. The keylogger installed on Bob's machine recorded all of Bob's keystrokes and transmitted them to Don. Using the keylogger, Don obtained the credentials of Bob's bank account and performed illegal transactions on his account. Identify the type of attack Don has performed in the above scenario. A. non-electronic attacks B. offline attacks C. passive online attacks D. active online attacks
D. active online attacks
Which of the following entities in the NIST cloud deployment reference architecture is a party that performs an independent examination of cloud service controls to express an opinion and verify adherence to standards through a review of the objective evidence? A. cloud auditor B. cloud provider C. cloud broker D. cloud carrier
A. cloud auditor
Which of the following protocols is a TCP/IP-based protocol used to exchange management information between devices connected on a network? A. HTTP B. SNMP C. Telnet D. POP
B. SNMP
Which of the following tiers in the container technology architecture transforms images into containers and deploys containers to hosts? A. Tier-3: Registries B. Tier-4: Orchestrators C. Tier-5: Hosts D. Tier-2: Testing and accreditation systems
B. Tier-4: Orchestrators
Which of the following tools allows you to reset unknown or lost Windows local administrator, domain administrator, and other user account passwords? A. Netcraft B. FortiNAC C. John the Ripper D. MegaPing
C. John the Ripper
Identify the reason why organizations recruit ethical hackers. A. Retain the current security posture of the organization B. Minimize the security controls to safeguard the customer data C. Uncover vulnerabilities in systems and explore their potential as a risk D. Allow hackers to gain access to the information systems
C. Uncover vulnerabilities in systems and explore their potential as a risk
Which of the following practices can make an application or database server vulnerable to SQL injection attacks? A. test the content of string variables and accept only expected values B. keep untrusted data separate from commands and queries C. allow entries that contain binary data, escape sequences, and comment characters D. apply least privilege rules to run the applications that access the DBMS
C. allow entries that contain binary data, escape sequences, and comment characters
James, an attacker, targeted the OT network of a manufacturing plant and tried to disrupt the production environment. He flooded the main component of the OT network with a large number of CIP connection requests. After the connection was established, he forced the device to accept the fake IP configuration so that other components in the network dropped their communication with this device. Which of the following threats was demonstrated in the above scenario? A. buffer overflow attack B. reconnaissance attack C. denial-of-service attack D. malware attack
C. denial-of-service attack
Jack, a professional hacker, has targeted a website that uses linear algorithms to create shorter session IDs for logged-in users. Jack created a forged valid session ID and logged in to other accounts by studying the sequential pattern. Which of the following weaknesses has Jack exploited in the above scenario to hijack session IDs? A. indefinite session timeout B. insecure handling of session IDs C. weak session ID generation D. absence of account lockout for invalid session IDs
C. weak session ID generation
Given below are different phases of social engineering attacks. 1. Develop a relationship 2. Exploit the relationship 3. Research the target company 4. Select a target What is the correct sequence of steps attackers follow to execute a successful social engineering attack? A. 3 -> 4 -> 2 -> 1 B. 2 -> 1 -> 4 -> 3 C. 2 -> 3 -> 4 -> 1 D. 3 -> 4 -> 1 -> 2
D. 3 -> 4 -> 1 -> 2
Which of the following types of attack involves replacing legitimate apps in a mobile device with malicious apps designed by a hacker and producing a large volume of advertisements on the target device to attain financial benefits? A. SIM card attack B. SMiShing attack C. Bluesnarfing attack D. Agent Smith attack
D. Agent Smith attack
Malcolm, a professional hacker, is attempting to access an organization's systems remotely. For this purpose, he used a tool to recover the passwords of the target system and gain unauthorized access to critical files and other system software. Identify the tool used by Malcolm to crack the passwords of the target system. A. OllyDbg B. Dependency Walker C. BeRoot D. hashcat
D. hashcat
Roger, a security professional, monitored the web application to determine any susceptibilities and protect it from unauthorized access. He noticed that developers used weak cryptographic encryption methods and stored the cryptographic keys at insecure locations. Identify the type of application security risk noticed by Roger in the above scenario. A. XML external entity (XXE) B. broken authentication C. command injection D. sensitive data exposure
D. sensitive data exposure
In which of the following session hijacking phases does an attacker break the connection to the victim's machine by knowing the next sequence number (NSN)? A. command injection B. monitor C. session ID prediction D. session desynchronization
D. session desynchronization
Identify the metric used in CVSS assessment that represents the features that continue to change during the lifetime of the vulnerability. A. environmental metric B. impact metric C. base metric D. temporal metric
D. temporal metric
Identify the type of virus whose life is directly proportional to the life of its host, which means it executes only upon the execution of its attached program and terminates upon the termination of its attached program. A. intrusive virus B. add-on virus C. terminate and stay resident virus D. transient virus
D. transient virus
James, a professional hacker, performed a session hijacking attack against a victim connected to the same network. James captured the TCP sequence and acknowledgment numbers of the victim to craft his own packets. He then interrupted the connection between the server and the victim and injected the crafted packets into the server as a legitimate user. Given below are different steps followed by James when performing session hijacking: 1. Session desynchronization 2. Monitor 3. Session ID prediction 4. Sniff 5. Command injection Identify the correct sequence of steps involved in session hijacking. A. 4 -> 2 -> 1 -> 3 -> 5 B. 4 -> 2 -> 3 -> 5 -> 1 C. 3 -> 2 -> 1 -> 4 -> 5 D. 3 -> 5 -> 2 -> 4 -> 1
A. 4 -> 2 -> 1 -> 3 -> 5
Patrick, a parent of school-going kids, is frustrated with his children continuously playing an online game. After realizing that direct confrontation may not be the most effective option in the long term, he turned on the Bluetooth on their devices and performed an over-the-air attack by sending annoying messages to the children's devices. As a result, his children lost interest in the game. Identify the type of Bluetooth attack performed by Patrick in the above scenario. A. Bluejacking B. Btlejacking C. Bluesmacking D. Bluebugging
A. Bluejacking
Which of the following types of attack requires the attacker to be available very near to the chip to tamper with the default program or data and gather sensitive information? A. non-invasive attacks B. network pivoting C. reconnaissance attack D. invasive attack
A. non-invasive attacks
John, a professional hacker, was hired by a government agency to penetrate, gain top-secret information from, and damage other government agencies' information systems or networks. Based on the above scenario, which of the following classes of hacker does John fall in? A. cyber terrorists B. state-sponsored hackers C. hacker teams D. industrial spies
B. state-sponsored hackers
Gordon, a professional hacker, has targeted his opponents' network to disrupt the communication between neighboring nodes and networks. He employs a technique that uses multiple forged identities to create a strong illusion of traffic congestion, thereby affecting and interrupting the communication and services. Identify the type of attack performed by Gordon in the above scenario. A. rolling code attack B. sybil attack C. SQL injection attack D. replay attack
B. sybil attack
Which of the following protocols was upgraded as a default authentication protocol on Windows OS to provide stronger authentication for client/server applications? A. SNMPv3 B. Pretty Good Privacy (PGP) C. S/MIME D. Kerberos
D. Kerberos
Lionel, a professional hacker motivated by political beliefs, plans to employ various techniques to create fear of large-scale disruption of computer networks. Which of the following types of threat actors does Lionel belong to in the above scenario? A. cyber terrorists B. script kiddies C. state-sponsored hackers D. industrial spies
A. cyber terrorists
Identify the severity of CVSS v3.0 ratings with a base score range of 9.0-10.0. A. medium B. critical C. high D. low
B. critical
Which of the following is the practice of employing computer and network skills in order to assist organizations in testing their network security for possible loopholes and vulnerabilities? A. computer forensics B. ethical hacking C. disaster recovery D. risk assessment
B. ethical hacking
Samson, an attacker, targets an organization's network to steal sensitive information such as credit card numbers, passwords, chat messages, emails, and photos. He uses a technique to compromise the vulnerability in the four-way handshake process of the WPA2 protocol by forcing Nonce reuse. Identify the technique employed by Samson in the above scenario. A. Key reinstallation attack B. Honeypot AP attack C. Rogue AP attack D. AP MAC spoofing
A. Key reinstallation attack
Which of the following techniques is useful in detecting a system that runs in promiscuous mode and in turn helps detect sniffers installed on the network? A. Ping method B. DNS poisoning C. ARP spoofing D. SYN flooding
A. Ping method
In which of the following OSI layers do sniffers operate and perform an initial compromise? A. data link layer B. network layer C. transport layer D. physical layer
A. data link layer
Which of the following is NOT a benefit of conducting a penetration test? A. hide real risks B. reveal vulnerabilities C. guard the reputation D. reduce client-end attacks
A. hide real risks
Identify the type of attack in which an attacker seizes control of a valid TCP communication between two computers and gains access to a machine while the communication is in progress. A. session hijacking B. MAC flooding C. packet sniffing D. DoS attack
A. session hijacking
James, a cloud security architect, was planning to automate the deployment, scaling, and management of containerized applications. He deployed a platform that groups different containers into several logical units for easy management and discovery. Identify the container management platform employed by James in the above scenario. A. Fortify WebInspect B. Kubernetes C. Metasploit D. Burp Suite
B. Kubernetes
Which of the following modes of operation is responsible for delivering password-based authentication using the SAE protocol or Dragonfly Key Exchange? A. WPA2-Personal B. WPA3-Personal C. WPA2-Enterprise D. WPA3-Enterprise
B. WPA3-Personal
Which of the following actors in the NIST cloud deployment reference architecture is a person or organization that maintains a business relationship with the cloud service providers and utilizes the cloud computing services? A. cloud broker B. cloud auditor C. cloud carrier D. cloud consumer
D. cloud consumer
Peter, a professional hacker, managed to gain total control of his target system and was able to execute scripts in the trojan. He then used techniques such as steganography and tunneling to remain undetected and to avoid legal trouble. Which of the following hacking phases was Peter currently performing in the above scenario? A. scanning B. clearing tracks C. maintaining access D. gaining access
B. clearing tracks
Jack is working as a malware analyst in an organization. He was assigned to inspect an attack performed against the organization. Jack determined that the attacker had restricted access to the main computer's files and folders and was demanding an online payment to remove these restrictions. Which of the following types of attack has Jack identified in the above scenario? A. phishing B. sniffing C. ransomware D. botnet
C. ransomware
Which of the following malware distribution techniques involves exploiting flaws in browser software to install malware by merely visiting a web page? A. drive-by downloads B. malvertising C. black hat search engine optimization D. spam emails
A. drive-by downloads
In which of the following stages of the virus lifecycle does a user install antivirus updates and eliminate virus threats? A. launch B. execution of the damage routine C. detection D. replication
B. execution of the damage routine
Joy, a professional hacker, targeted an organization's system using a special type of virus that hides its actual source of infection. The virus employed by Joy diverts the antivirus solutions by providing some other random location even though it is residing in the system. Identify the type of virus employed by Joy in the above scenario. A. add-on virus B. logic bomb virus C. armored virus D. web scripting virus
C. armored virus
Identify the technique used by the attacker that involves keyword stuffing, inserting doorway pages, page swapping, and adding unrelated keywords to get higher rankings for malware pages. A. social engineered click-jacking B. drive-by downloads C. black hat search engine optimization D. malvertising
C. black hat search engine optimization
Which of the following malware distribution techniques involves mimicking legitimate institutions in an attempt to steal login credentials? A. drive-by downloads B. spear-phishing sites C. spam emails D. malvertising
B. spear-phishing sites
Clara, a security professional, while checking the data feeds of the domains, detects downloaded malicious files and unsolicited communication with the outside network based on the domains. Which of the following adversary behaviors was detected by Clara? A. internal reconnaissance B. unspecified proxy activities C. HTTP user agent D. use of web shell
B. unspecified proxy activities
Jack, a professional hacker, was recruited by an agency to steal sensitive data from a rival company. From a remote location, he discovered vulnerabilities in the target company's network using a vulnerability scanner. He exploited them to intrude into the network and steal confidential data. Identify the threat source exploited by Jack in the above scenario. A. unintentional threats B. natural threats C. external threats D. internal threats
C. external threats
Identify the insider attack wherein the miscreant can easily bypass security rules by using privileged access and cause a threat to the organization's information systems. A. SQL injection B. directory traversal attack C. pod slurping D. XSS attack
C. pod slurping
Identify the type of vulnerabilities exploited by an attacker before they are identified and patched by the developers. A. open services B. zero-day vulnerabilities C. legacy platform vulnerabilities D. buffer overflow vulnerabilities
B. zero-day vulnerabilities
In which of the following phases of hacking does an attacker employ steganography and tunneling techniques to retain access to the victim's system, remain unnoticed, and remove evidence that might lead to prosecution? A. reconnaissance B. preparatory C. scanning D. clearing tracks
D. clearing tracks
Identify the individuals who are also known as security analysts or ethical hackers. A. suicide hackers B. black hats C. hacker teams D. white hats
D. white hats
Which of the following tools helps an attacker perform an ARP poisoning attack? A. BetterCAP B. Nbtstat C. High Orbit Ion Cannon D. Wireshark
A. BetterCAP
Which of the following components belongs to the IT network that can be integrated with OT systems to improve security, quality, and productivity? A. SCADA B. Cloud C. DCS D. PLC
B. Cloud
Which of the following types of attack allows an attacker to obtain unauthorized access to a victim's router by injecting malicious JavaScript code to a web page? A. side-channel attack B. DNS rebinding attack C. jamming attack D. fault injection attack
B. DNS rebinding attack
Which of the following solutions helps system administrators to deploy and manage software applications across all enterprise mobile devices to secure, monitor, manage, and support devices? A. Wireshark B. CxSAST C. IBM MaaS360 D. Fiddler
C. IBM MaaS360
Which of the following is a default authentication scheme that performs authentication using a challenge/response strategy as it does not rely on any official protocol specification and has no guarantee to work effectively in every situation? A. S/MIME B. PGP C. SAM database D. NTLM
D. NTLM
Given below are various stages involved in the virus lifecycle. 1. Replication 2. Incorporation 3. Launch 4. Execution of the damage routine 5. Design 6. Detection Identify the correct sequence of stages involved in the virus lifecycle. A. 3 -> 4 -> 5 -> 6 -> 1 -> 2 B. 1 -> 2 -> 3 -> 4 -> 5 -> 6 C. 5 -> 1 -> 3 -> 6 -> 2 -> 4 D. 2 -> 3 -> 4 -> 1 -> 5 -> 6
C. 5 -> 1 -> 3 -> 6 -> 2 -> 4
Identify the attack in which attackers tamper with the operating conditions of a chip to introduce faulty behavior into it and compromise the security of that device. A. ransomware attack B. rolling code attack C. perturbation attacks D. DDoS attack
C. perturbation attacks
Stephen, a security specialist at an organization, was instructed to secure the IoT infrastructure from intrusion attempts. Stephen has gone through all the IoT security guidelines/countermeasures to secure the network. Which of the following countermeasures must Stephen follow to secure the organization's network from IoT attacks? A. disable the UPnP port on routers B. enable telnet (port 23) C. allow all IP addresses to access the device from the Internet D. never deploy security as a unified, integrated system
A. disable the UPnP port on routers
Identify the component of web service architecture, which is a directory service that lists all the services available. A. UDDI B. WSDL C. WS-Security D. WS-Policy
A. UDDI
John, a security specialist, was requested by a client organization to check whether the security testing process was performed according to standard. He implemented a security audit on the organization's network to ensure that the performed test was well-organized, efficient, and ethical. John has conducted the audit following the steps given below. 1. Talk to the client and discuss the needs to be addressed during testing 2. Analyze the results of the testing and prepare a report 3. Organize an ethical hacking team and prepare a schedule for testing 4. Conduct the test 5. Prepare and sign NDA documents with the client 6. Present the findings to the client Identify the correct sequence of the steps John has followed while performing the security audit. A. 1 -> 2 -> 4 -> 5 -> 6 -> 3 B. 1 -> 5 -> 3 -> 4 -> 2 -> 6 C. 3 -> 5 -> 2 -> 6 -> 1 -> 4 D. 3 -> 1 -> 2 -> 4 -> 5 -> 6
B. 1 -> 5 -> 3 -> 4 -> 2 -> 6
Which of the following terms is a spread spectrum technique that multiplies the original data signal with a pseudo-random noise-spreading code and protects signals from interference? A. SSID B. DSSS C. ISM band D. BSSID
B. DSSS
Mary, a security professional, trained her organization's employees to use a toolbar to check updated information about sites visited by them. The tool helps them make an informed decision about the integrity of those sites and further protects the organization from phishing attacks and fraudsters. Which of the following toolbars was introduced by Mary in the above scenario? A. Burp Suite B. Netcraft C. Shodan D. OWASP ZAP
B. Netcraft
Don, a professional hacker, targeted John's official email account and wanted to access confidential data saved in his account. Don initiated the process by entering the username and then used a predefined file with an automated password cracking program. Eventually, Don succeeded in cracking John's email account password. Which of the following techniques has Don employed in the above scenario? A. brute-force attack B. dictionary attack C. keylogger attack D. SQL injection
B. dictionary attack
Which of the following countermeasures helps security professionals in securing an IoT device from malicious activity? A. enable UPnP port on routers B. monitor traffic on port 48101 C. enable telnet (port 23) D. enable "guest" and "demo" user accounts
B. monitor traffic on port 48101
Richard, a penetration tester, has recently joined the company for initiating the pen testing process. He was a little negligent toward monitoring and responding to incidents during and after the pen test. This resulted in repetitive and unwanted triggering of the incident-handling processes, which disrupted the business continuity of the organization. Identify the type of risk that evolved in the above scenario as a consequence of the pen test. A. compliance issues B. organizational risks C. legal risks D. technical risks
B. organizational risks
Which of the following types of SQL injection attack is difficult to perform as the attacker needs to communicate with the server and determine the features of the database used by the web application? A. blind SQL injection B. out-of-band SQL injection C. in-band SQL injection D. inferential SQL injection
B. out-of-band SQL injection
Which of the following types of hackers are unskilled individuals who compromise systems by running tools or software developed by other professional hackers? A. suicide hackers B. script kiddies C. hacktivists D. black hats
B. script kiddies
Which of the following protocols uses AES-GCMP 256 encryption algorithm, ECDH and ECDSA key management, and BIP-GMAC-256 integrity check mechanism to secure wireless communication? A. WEP B. WPA C. WPA3 D. WPA2
C. WPA3
Meghan, a professional hacker, was trying to gain unauthorized access to the admin-level system of the target organization. To hack the passwords used by admins, she employed various password cracking techniques such as internal monologue attack, Markov-chain attack, Kerberos password cracking, and LLMNR/NBT-NS poisoning. Identify the type of password attack performed by Meghan in the above scenario. A. non-electronic attack B. offline attack C. active online attack D. dictionary attack
C. active online attack
Which of the following mobile risks can be raised from failure to identify the user, failure to maintain the user's identity, or weaknesses in session management? A. insufficient cryptography B. insecure data storage C. insecure authentication D. improper platform usage
C. insecure authentication
Identify the layer of the vulnerability stack in which attackers exploit flaws in the business logic by performing input validation attacks such as XSS. A. layer 1 B. layer 3 C. layer 7 D. layer 5
C. layer 7
Smith, a certified pen tester, was assigned to perform penetration testing on the organization's network. As he knew that penetration testing might harm the network, he followed a guideline that involves collecting sufficient evidence to determine whether any vulnerabilities exist in the network. Which of the following guidelines did Smith follow in the above scenario? A. delay the effect of a test B. perform interruptible testing C. use indirect testing D. refrain from vulnerability exploitation
C. use indirect testing
Which of the following terminologies is referred to as a network segregation technique that is used to isolate the networks and assets to impose and maintain strong access control mechanisms? A. business network B. industrial network C. zones and conduits D. network perimeter
C. zones and conduits
Jack, a professional hacker, has performed an attack on Bluetooth paired devices. He leveraged a vulnerability in Bluetooth and breached the security mechanisms to eavesdrop on all the data being shared. Jack managed to intercept the data transfer between devices and gained access to chats and documents being shared. Identify the type of attack Jack has performed in the above scenario. A. BlueSniff B. MAC spoofing attack C. BluePrinting D. KNOB attack
D. KNOB attack
Identify the type of SQL injection technique used by the attacker when they cannot directly exploit any other SQL injection techniques. A. out-of-band SQL injection B. error-based SQL injection C. in-band SQL injection D. blind SQL injection
D. blind SQL injection
Which of the following best practices should be followed to thwart DoS/DDoS attacks? A. use functions such as gets and strcpy B. allow return addresses to be overwritten C. do not implement cognitive radios in the physical layer D. block all inbound packets originating from the service ports
D. block all inbound packets originating from the service ports
Bob, a professional hacker, targeted a company's web server that hosts websites. Bob started searching for published vulnerabilities in the CVE database for the target web server. He identified and then exploited vulnerabilities to gain access to the server and manipulate services. Which of the following layers of the vulnerability stack was exploited by Bob in the above scenario? A. layer 4 B. layer 2 C. layer 3 D. layer 5
D. layer 5
Which of the following practices can help security teams protect the webserver from cyberattacks? A. do not use security tools provided with web server software B. enable a maximum level of auditing on the web server C. if a database server, such as Microsoft SQL Server, is to be used as a backend database, install it on the same hosting server D. limit the server functionality to support only the web technologies to be used
D. limit the server functionality to support only the web technologies to be used
Which of the following countermeasures helps a security specialist defend the application against LDAP injection attacks? A. use LDAP for communication over the webserver B. construct LDAP search filters by concatenating strings C. never restrict the amount of data returned to the user D. make the LDAP filter as specific as possible
D. make the LDAP filter as specific as possible
Which of the following components in the container network model encompasses the container network stack configuration to manage container interfaces, routing tables, and DNS settings? A. IPAM Drivers B. network C. endpoint D. sandbox
D. sandbox
Don, a professional hacker, targeted the server of an e-commerce giant to disrupt its services to customers. To achieve this, Don gathered all the vulnerable IoT devices across different locations and created an army of bots to use against the target server. Upon receiving instructions from Don, the bots flooded the target with numerous requests making the target server unavailable to legitimate users. Identify the type of attack performed by Don in the above scenario. A. DDoS attack B. side-channel attack C. SDR-based attack D. replay attack
A. DDoS attack
Cedrick, a security professional, implemented stronger encryption and authentication for protecting his organization's network from wireless attacks. He utilized an encryption technique that uses TKIP for data encryption and eliminates the weaknesses of WEP by including per-packet mixing functions, MICs, extended IVs, and re-keying mechanisms. Identify the encryption technique employed by Cedrick in the above scenario. A. WPA B. CCMP C. LEAP D. WEP
A. WPA
Which of the following practices is NOT a countermeasure for defending against sniffing attacks? A. always use FTP for transferring files B. use HTTPS instead of HTTP to protect usernames and passwords C. always encrypt the wireless traffic with a strong encryption protocol such as WPA or WPA2 D. use tools to determine if any NICs are running in promiscuous mode
A. always use FTP for transferring files
James, a certified pen tester, was appointed by an organization to test the organization's security posture. James identified a security flaw in the network configuration and exploited it to compromise the main system connected with several nodes. In which of the following phases in penetration testing has James performed the above activity? A. attack phase B. documenting phase C. post-attack phase D. pre-attack phase
A. attack phase
Samuel, a professional hacker, targeted an organization's database server to manipulate its content. To accomplish his goal, Samuel intentionally started inserting bad input queries through an application and analyzed the error messages from the database to gather specific information from each query. He constructed a specially designed SQL query to compromise the data security and manipulated the stored content using the obtained information. Identify the type of SQL injection performed by Samuel in the above scenario. A. in-band SQL injection B. inferential SQL injection C. blind SQL injection D. WAITFORDELAY
A. in-band SQL injection
Steven, an employee, was using his device for the company's business operations. He stored family photos, videos, and business data in a single folder. When he was supposed to send business data to a client, he attached the entire folder and transferred it to the client without verifying the attached data. Which of the following BYOD risks was demonstrated in the above scenario? A. mixing personal and private data B. disgruntled employees C. stolen devices D. lost devices
A. mixing personal and private data
Identify the application security threat that occurs whenever an application includes untrusted data in a new web page without proper validation or escaping or whenever it updates an existing web page with user-supplied data. A. A8 - insecure deserialization B. A7 - cross-site scripting (XSS) C. A10 - insufficient logging and monitoring D. A2 - broken authentication
B. A7 - cross-site scripting (XSS)
Identify the technique that sends non-broadcast ARP to all the nodes in the network, and the node that runs in promiscuous mode broadcasts a ping message on the network with the local IP address but a different MAC address. A. Ping method B. ARP method C. ARP spoofing D. ARP poisoning
B. ARP method
Which of the following tools from Aircrack-ng Suite decrypts WEP/WPA/WPA2 and can be used to strip wireless headers from Wi-Fi packets? A. Airgraph-ng B. Airdecap-ng C. Airmon-ng D. Easside-ng
B. Airdecap-ng
Steve, the head of the software development team, escalated a product to Jack's testing team for validation. As part of testing, Jack employed an SQL injection detection tool to determine if the application is immune to SQL injection attacks. Identify the tool Jack employed in the above scenario to detect SQL injection attacks. A. Foremost B. Burp Suite C. WinHex D. Autopsy
B. Burp Suite
Williams, a professional hacker, was hired by an organization to damage the reputation of their rival company. Williams spoofed the IP address of one of the rival company's customers and began sending multiple ICMP ECHO request packets to an IP broadcast network. As a result, all the hosts together started sending responses to the customer's IP address. These responses were sent to the customer machine, diverting significant traffic toward it and crashing it in the process. Identify the type of attack performed by Williams in the above scenario. A. Fragmentation attack B. Smurf attack C. SYN flood attack D. Ping of death attack
B. Smurf attack
Identify the password cracking tool that helps attackers to gain unauthorized access to the system or network. A. MegaPing B. THC Hydra C. Nmap D. web data extractor
B. THC Hydra
Identify the IEEE 802.16 standard, a wireless communications standard designed to provide multiple physical layer (PHY) and MAC options. A. Wi-Fi B. WiMax C. ZigBee D. Bluetooth
B. WiMax
Which of the following practices can make IoT infrastructure vulnerable to online attacks? A. locate control system networks and devices behind firewalls B. allow all the IP addresses to access the device from the Internet C. monitor traffic on port 48101 D. implement end-to-end encryption and use public key infrastructure (PKI)
B. allow all the IP addresses to access the device from the Internet
Which of the following is the best practice to be followed to increase password security? A. share a computer account with colleagues B. avoid using the same password for different accounts C. always communicate passwords over the phone or through email or SMS D. do not change passwords for a long time
B. avoid using the same password for different accounts
In which of the following techniques does an attacker predict the sequence numbers that a victim host sends to create a connection that appears to originate from the host and then hijacks the communication? A. UDP flood attack B. blind hijacking C. DNS poisoning D. IP spoofing
B. blind hijacking
Dennis, an employee experiencing conflict with the management of an organization, uses steganography programs to hide company secrets. He sends this information to competitors, for certain financial benefits, as an innocuous-looking message embedding company secrets in a picture via his official email account. Identify the type of insider attack performed by Dennis in the above scenario. A. accident-prone employees B. disgruntled employees C. undertrained staff D. third parties
B. disgruntled employees
Which of the following guidelines must be followed to secure a mobile device against malicious attacks? A. do not install applications from trusted stores B. do not share information within GPS-enabled apps unless necessary C. do not maintain configuration control and management D. enable wireless access such as Wi-Fi and Bluetooth if not in use
B. do not share information within GPS-enabled apps unless necessary
Which of the following countermeasures can assist users in reducing the chances of identity theft? A. use public Wi-Fi for sharing or accessing internet banking B. enable two-factor authentication on all online accounts C. always give any personal information over the phone D. ensure your name is present on the marketers' hit lists
B. enable two-factor authentication on all online accounts
Which of the following countermeasures helps administrators defend against webserver attacks? A. install the IIS server on a domain controller B. screen and filter incoming traffic requests C. never use a dedicated machine as a web server D. do not configure a separate anonymous user account for each application
B. screen and filter incoming traffic requests
Which of the following defines the standards for a wireless personal area network (WPAN) and describes the specifications for wireless connectivity with fixed or portable devices? A. 802.12 B. 802.11i C. 802.15 D. 802.15.4
C. 802.15
Don, a threat actor, targeted Bob, a new accountant at the target organization. Don started collecting all the sensitive information about the organization's accounts, finance information, technologies in use, and upcoming plans and used this information to launch further attacks. Identify the social engineering phase Don is currently executing in the above scenario. A. develop a relationship B. select a target C. exploit the relationship D. research the target company
C. exploit the relationship
George, a professional hacker, targeted an organization's server to cause reputational damage to the organization. For this purpose, he employed an ARP poisoning tool that forges ARP replies from the target server resulting in customers navigating to the attacker-owned host, which contains irrelevant information for the customers. Which of the following tools helped George in the above scenario to perform an ARP poisoning attack? A. Netstat B. LUCY C. Ettercap D. Trape
C. Ettercap
Habel, a security professional, was assigned a task to identify the vulnerabilities in IoT devices connected to the corporate network. He employed an automated tool to perform a security assessment of the software and identify configuration and application vulnerabilities. Which of the following tools was utilized by Habel in the above scenario? A. Nimbostratus B. Netcraft C. Firmalyzer D. ShellPhish
C. Firmalyzer
Which of the following tools helps administrators enhance OT security and maintain an uninterruptable production environment? A. IDA Pro B. lazys3 C. ForeScout D. HOIC
C. ForeScout
Identify the component of the Kubernetes cluster architecture representing a master component that scans newly generated pods and allocates a node for them. A. Kube-controller-manager B. Cloud-controller-manager C. Kube-scheduler D. Etcd cluster
C. Kube-scheduler
Which of the following countermeasures should be followed to protect web applications against broken authentication and session management attacks? A. never use SSL for authenticated parts of the application B. submit session data as part of GET and POST C. apply pass phrasing with at least five random words D. do not check weak passwords against a list of the top bad passwords
C. apply pass phrasing with at least five random words
Which of the following countermeasures helps a security specialist defend the application against command injection attacks? A. avoid using built-in library functions B. avoid using modular shell disassociation from the kernel C. avoid executing commands such as exec D. avoid using parameterized SQL queries
C. avoid executing commands such as exec
Which of the following password policies can help administrators increase password security? A. disclose passwords only with colleagues and friends B. change passwords once a year C. block user accounts if a user exceeds a certain number of failed attempts D. choose a minimum of 5 characters
C. block user accounts if a user exceeds a certain number of failed attempts
Which of the following layers of web application includes the functional programming of the web application that can be implemented using technologies such as .NET, Java, and Python? A. presentation layer B. database layer C. business logic layer D. client layer
C. business logic layer
An organization, CyberSol.org, has decided to develop an application for microservices. As it is very difficult to build and maintain the necessary infrastructure for this operation, they purchased a cloud computing service that provides a platform for developing, running, and managing application functionalities. Which of the following cloud computing services is used in the above scenario? A. security-as-a-service B. infrastructure-as-a-service C. function-as-a-service D. identity-as-a-service
C. function-as-a-service
Which of the following tools creates a virtual tunnel interface to monitor encrypted traffic and inject arbitrary traffic into a network? A. WZCook B. Airdrop-ng C. Airgraph-ng D. Airtun-ng
D. Airtun-ng
Which of the following tools supports the entire web application testing process, from initial mapping and analysis of an application's attack surface to finding and exploiting security vulnerabilities? A. FileVault B. Power2Go 13 C. Recuva(R) D. Burp Suite
D. Burp Suite
Which of the following protocols distributes, inquiries into, retrieves, and posts news articles using a reliable stream-based transmission of news among the ARPA-Internet community? A. SNMP B. IMAP C. POP D. NNTP
D. NNTP
David, a professional hacker, targeted Alice's net banking account for financial benefits. David initiated the process by entering Alice's user id on the net banking website, then used an automated password cracking tool to crack her net banking password. David successfully cracked the password and transferred the amount from Alice's account to his account. Identify the tool employed by David to crack the password. A. MegaPing B. ShellPhish C. Nmap D. THC Hydra
D. THC Hydra
Which of the following protocols is used to communicate through port 23 and allows an attacker to log in to a network machine remotely via a TCP connection to sniff keystrokes, including usernames and passwords, that are sent in cleartext? A. NNTP B. POP C. HTTP D. Telnet
D. Telnet
Freddy, a penetration tester, plans to perform testing on an organization's network infrastructure. Before initiating the process, he defined and decided the range of testing, what will be tested, where testing will be performed from, and who will perform testing. Identify the operation performed by Freddy before initiating the test. A. reporting results B. delivering results C. performing the pen test D. defining the scope
D. defining the scope
Which of the following countermeasures help developers prevent applications from becoming vulnerable to SQL injection attacks? A. construct dynamic SQL with concatenated input values B. allow entries that contain binary data, escape sequences, and comment characters C. never use a prepared statement to create a parameterized query D. design the code such that it traps and handles exceptions appropriately
D. design the code such that it traps and handles exceptions appropriately
Which of the following practices is NOT a countermeasure to protect against session hijacking? A. implement DNS-based authentication of named entities B. configure appropriate internal and external spoof rules on gateways C. use encrypted protocols available in the OpenSSH suite D. enable compression mechanisms of HTTP requests
D. enable compression mechanisms of HTTP requests
Christy, a professional hacker, targeted a reputed bank to steal the credentials of its customers. To achieve this, he performed a DNS cache poisoning attack on the target DNS server. When users request the concerned bank's web page from their browsers, they receive a URL linked to a Christy-owned banking web page that looks similar to the legitimate banking page. Identify the type of phishing attack performed by Christy in the above scenario. A. SMiShing B. piggybacking C. spimming D. pharming
D. pharming
In which of the following techniques does an attacker execute malicious programs on a victim's computer or server, and when the victim enters any URL or domain name, it automatically redirects the victim's traffic to the attacker-controlled website? A. dumpster diving B. impersonation C. spimming D. pharming
D. pharming
Identify the penetration testing approach representing an adversarial goal-based assessment where the pen tester mimics a real attacker and targets an environment. A. compliance-oriented penetration testing B. goal-oriented penetration testing C. objective-oriented penetration testing D. red-team-oriented penetration testing
D. red-team-oriented penetration testing
Which of the following tiers in the container technology architecture operates and manages containers as instructed by the orchestrator? A. Tier-3: Registries B. Tier-4: Orchestrators C. Tier-5: Hosts D. Tier-2: Testing and accreditation
C. Tier-5: Hosts
Which of the following countries has implemented the cyber law "Regulation of Investigatory Powers Act 2000"? A. Germany B. India C. Australia D. United Kingdom
D. United Kingdom
Which of the following protocols is vulnerable to a sniffing attack as passwords and data are sent in clear text? A. FTP B. SSL C. PGP D. HTTPS
A. FTP
Which of the following protocols allows mobile users to exchange communication through another cellular network while roaming? A. Zigbee B. SS7 C. HaLow D. Bluetooth
C. SS7
Which of the following cloud computing models provides penetration testing, authentication, intrusion detection, and anti-malware services to corporate infrastructure in a cost-effective way? A. platform-as-a-service B. identity-as-a-service C. security-as-a-service D. function-as-a-service
C. security-as-a-service
Which of the following techniques uses VoIP technology and ID spoofing to trick individuals into revealing their critical financial and personal information and uses the information for financial gain? A. spimming B. SMiShing C. vishing D. whaling
C. vishing
Which of the following GUI tools helps attackers sniff live network traffic from Ethernet and provides filters for customized data display? A. hping3 B. LOIC C. OWASP ZAP D. Wireshark
D. Wireshark
Clark, an attacker, targeted a manufacturing plant to compromise their SCADA system. He exploited the EvalExpression vulnerability in Gamma script that allowed him to send and execute controlled arbitrary scripts or commands on the target SCADA system. Which of the following vulnerabilities is exploited by James in the above scenario? A. lack of authorization B. credential management C. lack of authentication D. code injection
D. code injection
Which of the following practices is NOT a countermeasure to defend against web server attacks? A. store website files and scripts on a separate partition or drive B. physically protect the web server machine in a secure machine room C. screen and filter incoming traffic requests D. install IIS server on a domain controller
D. install IIS server on a domain controller
Which of the following protocols employs a key distribution center (KDC) that consists of two logically distinct parts, an authentication server (AS) and a ticket-granting server (TGS), and uses "tickets" to prove a user's identity? A. Kerberos authentication B. NTLM authentication C. Security accounts manager (SAM) D. LM authentication
A. Kerberos authentication
James, a malware programmer, intruded into a manufacturing plant that produces computer peripheral devices. James tampered with the software inside devices ready to be delivered to clients. The tampered program creates a backdoor that allows unauthorized access to the systems. Identify the type of attack performed by James in the above scenario to gain unauthorized access to the delivered systems. A. directory traversal attack B. distribution attack C. phishing attack D. replay attack
B. distribution attack
John, a professional hacker, targeted a newly joined employee of an organization. He sent a malicious payload via a phishing email that insisted that the user reset his official account's password on a priority basis and warned that his account would be blocked if the email were ignored. Identify the phase of cyber kill chain methodology John has performed in the above scenario. A. reconnaissance B. delivery C. exploitation D. installation
B. delivery
Elon, a disgruntled employee with access to sensitive data, intends to damage the organization's reputation. He shares all the critical information and blueprints with the competitor and benefits financially. Identify the threat source in the above scenario. A. external threat B. natural threat C. internal threat D. unintentional threat
C. internal threat
Which of the following attacks is launched either by stealing the ST/TGT from an end-user machine and using it to disguise the attackers as valid users or by stealing the ST/TGT from a compromised AS? A. pass-the-hash B. dictionary attack C. pass-the-ticket D. password guessing
C. pass-the-ticket
Jack, a professional hacker, created a malicious hyperlink and injected it into a website that appeared legitimate to trick users into clicking the link. When a victim clicked on the malicious link, the malware embedded in the link executed without the knowledge or consent of the victim. Identify the technique employed by Jack to distribute malware in the above scenario. A. malvertising B. black hat search engine optimization C. social engineered click-jacking D. spear-phishing sites
C. social engineered click-jacking
Which of the following titles of the Sarbanes Oxley Act (SOX) mandates that only senior executives should take individual responsibility for the accuracy and completeness of corporate financial reports? A. title VIII: corporate and criminal fraud accountability B. title V: analyst conflicts of interest C. title III: corporate responsibility D. title X: corporate tax returns
C. title III: corporate responsibility
Which of the following PUAs compel users to download large files to download unwanted programs with peer-to-peer file sharing features? A. adware B. marketing C. torrent D. cryptomining
C. torrent
Mark, a professional hacker, targets his opponent's website. He finds susceptible user inputs, injects malicious SQL code into the database, and tampers with critical information. Which of the following types of attack did Mark perform in the above scenario? A. close-in attack B. passive attack C. insider attack D. active attack
D. active attack
The assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users is referred to by which of the following elements of information security? A. non-repudiation B. integrity C. confidentiality D. availability
D. availability
James, a professional hacker, successfully penetrated the target's network and now wants to gather as much information as possible. To achieve this, he uses a technique that can collect and combine as much information as possible, including business tactics of the organization, financial information, and network infrastructure information. Which of the following techniques was used by James in the above scenario? A. HTTP user agent B. use of web shell C. use of powershell D. data staging
D. data staging
A computer user was trying to read the latest news articles from a popular website, but the user was prevented from accessing the resources of the website as certain underlying vulnerabilities in the webpage allowed an attacker to inject fake requests into the network; as a result, the server stopped responding to legitimate user requests. What is the impact caused due to vulnerabilities in the above scenario? A. denial of service B. information disclosure C. privilege escalation D. remote code execution
A. denial of service
Which of the following acts defines legal prohibitions against circumvention of the technological protection measures employed by copyright owners to protect their works and against the removal or alteration of copyright management information? A. HIPAA B. DMCA C. DPA D. PCI/DSS
B. DMCA
James, a professional pen tester, was appointed by an organization to perform a vulnerability assessment on server systems. James conducted a configuration-level check to identify system configurations, user directories, and file systems to evaluate the possibility of compromise for all the systems. Identify the type of vulnerability assessment James performed in the above scenario. A. database assessment B. host-based assessment C. application assessment D. network-based assessment
B. host-based assessment
Benson, a professional hacker, uses a technique that can exploit browser vulnerabilities. Using this technique, he is able to install malware simply by visiting a web page, and the victim system gets exploited whenever the webpage is being explored. Which of the following techniques was mentioned in the above scenario? A. social engineered click-jacking B. malvertising C. spear-phishing sites D. drive-by downloads
D. drive-by downloads
Freddy, a professional hacker, targets sensitive information stored in document files of programs like Microsoft Word. For this purpose, he uses a virus program that is written using VBA, which infects the documents and converts the infected documents into template files while maintaining their appearance as standard document files. Identify the type of virus employed by Freddy in the above scenario. A. file virus B. multipartite virus C. web scripting virus D. macro virus
D. macro virus
Identify the malware component that compresses the malware file by using compression techniques to convert the code and data of the malware into an unreadable format. A. obfuscator B. injector C. dropper D. packer
D. packer
Which of the following titles in The Digital Millennium Copyright Act (DMCA) allows the owner of a copy of a program to make reproductions or adaptations when these are necessary to use the program in conjunction with a system? A. title II: online copyright infringement liability limitation B. title I: WIPO treaty implementation C. title V: protection of certain original designs D. title III: computer maintenance or repair
D. title III: computer maintenance and repair
Justin, a security professional, performs continuous monitoring and anomaly detection of the OT systems in his organization to thwart any type of malfunctioning of the OT devices. For this purpose, he deployed a tool that ensures reliability of networks and avoids downtime and disruption of service continuity. Identify the tool utilized by Justin to protect the OT systems and networks. A. Flowmon B. sqlmap C. Burp Suite D. OWASP ZAP
A. Flowmon
Noah, a professional hacker, planned to launch a DDoS attack on his target organization and disrupt their normal services. He employed a tool designed to attack up to 256 target URLs simultaneously, and it can also send HTTP POST and GET requests to a computer that uses lulz-inspired GUIs. Which of the following tools helped Noah perform the DDoS attack? A. High Orbit Ion Cannon (HOIC) B. NetBIOS Enumerator C. Wireshark D. Arpspoof
A. High Orbit Ion Cannon (HOIC)
Which of the following tools allows an attacker to crack passwords of the target system? A. Medusa B. Suricata C. Zimperium's zIPS D. Snort
A. Medusa
Which of the following tools does an attacker use to break into the iOS devices and track their activities? A. Spyic B. Low Orbit Ion Cannon (LOIC) C. Hex Editor Neo D. BitLocker
A. Spyic
In which of the following situations is penetration testing required and conducted by a professional penetration tester? A. a new threat to the organization's infrastructure has been discovered B. hardware or software is not updated or reinstalled C. no change in the organization's policy D. no changes have been made in the organization's infrastructure
A. a new threat to the organization's infrastructure has been discovered
Which of the following layers in the IoT architecture is responsible for bridging the gap between two endpoints and performing functions such as message routing, message identification, and subscribing? A. internet layer B. access gateway layer C. edge technology layer D. application layer
A. access gateway layer
Which of the following countermeasures helps security professionals to secure the cloud environment? A. apply a baseline security breach notification process B. do not enforce legal contracts in employee behavior policy C. allow user credentials sharing among users, applications and services D. never disclose applicable logs and data to customers
A. apply a baseline security breach notification process
Which of the following guidelines helps users identify and protect sensitive data on their mobile devices? A. apply validation of the security of API calls to the sensitive data B. store the sensitive data on the client-side device instead of the server C. never restrict access to sensitive data based on contextual information D. use, wherever possible, persistent identifiers which are not shared with other apps
A. apply validation of the security of API calls to the sensitive data
Don, a professional hacker, telephoned Bob and claimed to be a network administrator in the target organization. Don informed Bob about a security incident in the network and asked him to provide his account credentials to secure his data. After obtaining these credentials, Don retrieved sensitive information from Bob's account. Which of the following vulnerable behaviors was showcased by Don in the above scenario? A. authority B. liking C. familiarity D. social proof
A. authority
Which of the following countermeasures helps developers or testing teams secure the database against SQL injection attacks? A. avoid constructing dynamic SQL with concatenated input values B. use quoted/delimited identifiers as they can ease the whitelisting, black-listing, and escaping efforts C. test the content of string variables and accept all the values D. ensure that the web config files for each application contain sensitive information
A. avoid constructing dynamic SQL with concatenated input values
Which of the following terms describes the amount of information broadcast over a connection and is measured in terms of "number of bits per seconds (bps)"? A. bandwidth B. orthogonal frequency-division multiplexing (OFDM) C. frequency-hopping spread spectrum (FHSS) D. industrial, scientific, and medical (ISM) band
A. bandwidth
Which of the following practices helps security specialists to protect the network against password cracking attempts? A. check any suspicious application that stores passwords in memory B. never set the password change policy C. always use personal information to create passwords D. always use passwords that can be found in a dictionary
A. check any suspicious application that stores passwords in memory
Adele, a professional hacker, initiated an attack on an organization. During the course of this attack, he established a two-way communication channel between the target system and his server to communicate and pass data back and forth. Additionally, he employed encryption to hide the communication channel. Which of the following phases of cyber kill chain methodology was Adele performing in the above scenario? A. command and control B. weaponization C. delivery D. exploitation
A. command and control
Identify the type of vulnerability assessment where the chances of finding the vulnerabilities related to OS and applications are higher, and it is highly unclear who owns the assets in large enterprises. A. credentialed assessment B. network-based assessment C. distributed assessment D. non-credentialed assessment
A. credentialed assessment
Jack, a network administrator in an organization, was assigned to identify the risks associated with the organization's confidential information by implementing a BYOD policy. Jack thoroughly examined and identified a potential exposure of all the corporate data. Which of the following BYOD security risks is identified by Jack in the above scenario? A. data leakage and endpoint security issues B. ability to bypass organization's network policy rules C. different OS D. support for many different devices
A. data leakage and endpoint security issues
Which of the following components of a web server stores critical HTML files related to the web pages of a domain name that can be sent in response to the user requests? A. document root B. server root C. top-level root directory D. web proxy
A. document root
Which of the following practices should be followed while configuring a wireless network to defend against potential wireless attacks? A. enable MAC address filtering on APs or routers B. enable SSID broadcasts C. keep the default ID as it is after WLAN configuration D. enable remote router login and wireless administration
A. enable MAC address filtering on APs or routers
Joan, a software developer, unintentionally included a password as a comment in a hybrid mobile application that was developed for internal purposes and not expected to be released into a production environment. Identify the type of mobile risk demonstrated in the above scenario. A. extraneous functionality B. reverse engineering C. insecure authentication D. code tampering
A. extraneous functionality
Bob, a professional hacker, targeted administrator Alice's credentials to log into a remote server. Bob employed both dictionary attacks and brute-force attacks to crack the password. Using this method, Bob easily obtained Alice's password and accessed the remote server. Identify the technique employed by Bob in the above scenario. A. hybrid attack B. SQL injection C. website defacement D. guessing
A. hybrid attack
Which of the following encompasses all forms of identity theft, where the perpetrators attempt to impersonate someone else simply to hide their original profile? A. identity cloning and concealment B. tax identity theft C. synthetic identity theft D. financial identity theft
A. identity cloning and concealment
Henry, a professional hacker, targeted an organization's database server to steal user IDs, passwords, phone numbers, and other particulars. He exploited a few underlying vulnerabilities using tools such as sqlmap and gained control over the target database server. In which of the following layers of the vulnerability stack has Henry performed the above attack? A. layer 4 B. layer 7 C. layer 5 D. layer 1
A. layer 4
Which of the following countermeasures help security professionals defend the IoT network against cyberattacks? A. locate control system networks and devices behind firewalls B. never isolate IoT devices on protected networks C. avoid maintaining data confidentiality using symmetric key encryption D. disable CAPTCHA and account lockout policy methods
A. locate control system networks and devices behind firewalls
Timberly, a professional hacker, targeted a Windows machine to leverage the Kerberos authentication mechanism to manipulate its services. Timberly compromised the machine of an end-user who was trying to access the target machine's services and stole their ST/TGT to masquerade as a valid user. Using the stolen TGT, Timberly gained unauthorized access to the network services of the target machine. Identify the type of attack performed by Timberly in the above scenario. A. pass-the-ticket B. wire sniffing C. brute-force attack D. pass-the-hash
A. pass-the-ticket
David, a professional hacker, targeted Bob, an employee of an organization. He discovered that Bob was using a specific company's device. He wanted to extract useful information from the device's specifications. David started using a multimeter to inspect the chipset. Then he marked out certain identifications (ground pins), discovered the product ID, and compared it with the published report. Identify the type of attack initiated by David in the above scenario. A. reconnaissance attack B. sybil attack C. forged malicious device D. side-channel attack
A. reconnaissance attack
Walter, a professional hacker, was trying to exploit nascent vulnerabilities in a target mobile application. He utilized a technique to analyze the final core binary to determine its source code and libraries. Further, this analysis gave him insights into the inner workings of the application. Identify the mobile risk exploited by Walter in the above scenario. A. reverse engineering B. insecure authentication C. insufficient cryptography D. code tampering
A. reverse engineering
Which of the following practices helps developers defend against SQL injection attacks? A. test the content of string variables and accept only expected values B. always construct dynamic SQL with concatenated input values C. build transact-SQL statements directly from user input D. never implement multiple layers of validation
A. test the content of string variables and accept only expected values
In which of the following types of attacks do attackers mainly target high-profile executives such as CEO, CFO, politicians, and celebrities who have complete access to confidential and highly valuable information? A. whaling B. shoulder surfing C. SMiShing D. piggybacking
A. whaling
Joe targeted a coffee shop and wanted to sniff customers' credentials who were paying bills from their Android devices. To achieve this, he hosted a free Wi-Fi hotspot using an Android application that lured customers to connect to it. After the devices got connected to his network, Joe performed a MITM attack to hijack their sessions with banking portals and recorded credentials being entered to log in. Which of the following tools has Joe employed in the above scenario? A. zANTI B. Foremost C. Autopsy D. WinHex
A. zANTI
Which of the following components in Docker architecture refers to locations where images are stored and pulled whenever required? A. Docker Objects B. Docker Registries C. Docker Daemon D. Docker Client
B. Docker Registries
Which of the following cloud computing services enables subscribers to use on-demand fundamental IT resources, such as computing power, virtualization, data storage, and network? A. IDaaS B. IaaS C. SECaaS D. PaaS
B. IaaS
Which of the following levels of the Purdue Model contains control systems such as DCSs, SCADA software, HMIs, real-time software, and other supervisory systems to control the physical processes? A. Level 1 B. Level 2 C. Level 3 D. Level 5
B. Level 2
James, a software developer at an organization, handed over a fully developed mobile application to the testing team for validation. During validation, the testing team disabled the two-factor authentication implemented on it and forgot to enable it before deployment. This oversight allowed attackers to penetrate the server just by cracking users' credentials as the two-factor authentication was disabled on the application. Identify the mobile security risk demonstrated in the above scenario. A. M5--insufficient cryptography B. M10--extraneous functionality C. M8--code tampering D. M2--insecure data storage
B. M10--extraneous functionality
Identify the penetration testing methodology compiled by Pete Herzog and a standard set for penetration testing to achieve security metrics. A. National Institute of Standards and Technology B. Open Source Security Testing Methodology Manual C. Open Web Application Security Project D. Information Systems Security Assessment Framework
B. Open Source Security Testing Methodology Manual
Teena, a security professional, has recently joined the company, and she has been trained in various security practices to be followed to protect passwords from being compromised. While implementing the security practices, she notices that a system is susceptible to password cracking attacks. Identify the practice noticed by Teena that can lead to password cracking attacks. A. do not use cleartext protocols or protocols with weak encryption B. allow the storing of passwords in an unsecured location C. do not use passwords that can be found in a dictionary D. set the password change policy to 30 days
B. allow the storing of passwords in an unsecured location
Alex, a disgruntled employee in an organization, was digging deep into his company's web application to find any security vulnerabilities. He found that restrictions for authenticated users were not enforced properly. Alex exploited this flaw to access unauthorized functionalities such as accessing other users' accounts and viewing their sensitive data. Identify the web application security risk exploited by Alex in the above scenario. A. XML external entity (XXE) B. broken access control C. broken authentication D. sensitive data exposure
B. broken access control
Mark, a professional hacker, has targeted a cloud service firm to gain critical data and access the intellectual property remotely. He initiates an attack on the MSPs and their customers by using spear-phishing emails with custom-made malware to compromise user accounts and obtain confidential information. Identify the type of attack performed by Mark in the above scenario. A. cross-guest VM breaches B. cloud hopper attack C. cloudborne attack D. side-channel attack
B. cloud hopper attack
Which of the following countermeasures helps users defend their devices against Bluetooth attacks? A. keep sequential key combinations as PINs to pair with devices B. disable automatic connections to public Wi-Fi networks C. always keep Bluetooth in the enabled state D. dis-encryption when establishing a Bluetooth connection
B. disable automatic connections to public Wi-Fi networks
Which of the following practices can make cloud infrastructure susceptible to man-in-the-cloud attacks? A. monitor employee activities to detect any significant signs of cloud synchronization token abuses B. ensure encryption keys are stored within the same cloud service C. implement cloud access security broker (CASB) D. harden the policies of token expiration
B. ensure encryption keys are stored within the same cloud service
Which of the following layers in IoT architecture serves as the main component in communication between two endpoints, device-to-device, device-to-cloud, device-to-gateway, or backend data sharing? A. application layer B. internet layer C. edge technology layer D. middleware layer
B. internet layer
John, a threat actor, called up Johana, the IT help desk member of the targeted organization, and informed her that Mr. Tibiyani was about to give a presentation to customers but he could not open his files as they were corrupted and that Mr. Tibiyani requested him to call and ask her to send the files to him as soon as possible to start the presentation. Identify the social engineering context created by the attacker in the above scenario. A. consensus proof B. intimidation C. scarcity D. social proof
B. intimidation
Which of the following Burp Suite built-in tools is used to perform customized attacks and find and exploit unusual vulnerabilities in the target web application? A. intercepting proxy B. intruder tool C. application-aware spider D. web application scanner
B. intruder tool
Smith, a professional hacker, was assigned to perform an attack on AWS S3 buckets. He employed a tool to brute-force AWS S3 buckets with different permutations to breach the security mechanism and inject malware into the bucket files. Identify the tool employed by Smith in the above scenario. A. WZCook B. lazys3 C. Aircrack-ng D. Burp Suite
B. lazys3
Which of the following malware components performs the desired activity when activated and is used to delete or modify files to compromise system security? A. dropper B. payload C. downloader D. crypter
B. payload
Jude, a pen tester, was assigned to test the network of an organization. As part of the task, Jude gathered as much information as possible about the organization. This information helped Jude in performing other sophisticated attacks. He employed techniques such as reconnaissance, port scanning, service scanning, and OS scanning to gather the information. Identify the penetration testing phase Jude was currently executing in the above scenario. A. post-attack phase B. pre-attack phase C. documenting phase D. attack phase
B. pre-attack phase
Identify the method that allows users to attain privileged control within the Android's subsystem resulting in sensitive data exposure. A. buffer overflow B. rooting C. SMiShing D. OS data caching
B. rooting
Identify the Docker object that enables users to extend the number of containers across daemons, with them serving together as a swarm with several managers and workers. A. networking B. services C. images D. containers
B. services
In which of the following types of identity theft does the perpetrator obtain information from different victims to create a new identity by stealing a social security number and use it with a combination of fake names, dates of birth, addresses, and other details required for creating a new identity? A. child identity theft B. synthetic identity theft C. social identity theft D. medical identity theft
B. synthetic identity theft
Morris, an attacker, targets a website and injects a statement using the conditional OR clause. The condition of the WHERE clause will always be true so that he can easily bypass user authentication. Morris injects the below query on the target website: "SELECT * FROM users WHERE name = '' OR '1'='1';" Which of the following types of SQL injection attack has Morris executed in the above scenario? A. UNION SQL injection B. tautology C. end-of-line comment D. in-line comments
B. tautology
Which of the following countermeasures helps security teams prevent sensitive data from being exposed? A. create or use weak cryptographic algorithms B. use AES encryption for stored data and use TLS with HSTS for incoming traffic C. never encrypt the data in transit using TLS D. enable caching techniques for requests that contain sensitive information
B. use AES encryption for stored data and use TLS with HSTS for incoming traffic
Identify the guideline that addresses the risks associated with penetration testing. A. never used reserve addresses B. use partial isolation and replication of target environment C. use direct testing D. never perform interruptible testing
B. use partial isolation and replication of target environment
Which of the following countermeasures helps security specialists defend against OT hacking? A. never maintain an asset register to track the information B. use purpose-built sensors to discover the vulnerabilities in the network C. enable unused ports and services to block unauthorized access D. enable unused services and functionalities
B. use purpose-built sensors to discover the vulnerabilities in the network
Which of the following port numbers is used by the trojan "Telecommando" to perform malicious activities on the target machine? A. 4590 B. 54321 C. 61466 D. 65000
C. 61466
Lopez, a professional hacker, targets his opponent's system and performs spoofing attacks by using multiple intermediary and secondary machines. He exploited the TCP three-way handshake vulnerability and initiated sending requests to the intermediary hosts, reflecting the attack traffic to the target. Identify the attack technique employed by Lopez in the above scenario. A. MAC flooding B. peer-to-peer attack C. DRDoS attack D. Phlashing
C. DRDoS attack
Which of the following tools helps users protect their mobile devices against cyber threats or mobile-based security issues? A. OllyDbg B. FTK Imager C. Lookout Personal D. Cain & Abel
C. Lookout Personal
Which of the following Bluetooth modes rejects connection requests sent by any device in the vicinity? A. Discoverable mode B. Non-discoverable mode C. Non-pairable mode D. Limited discoverable mode
C. Non-pairable mode
Brady, a student, is attending a training course on Python programming. He purchased a computer to practice Python programming at home. One day he switched ON his computer to practice Python but forgot his system password. He used an automated tool to recover forgotten password and gained instant access to his locked computer without reinstalling the operating system. Identify the tool employed by Brady in the above scenario. A. KFSensor B. Suphacap C. THC-Hydra D. SPECTER
C. THC-Hydra
Identify the protocol that is a component of IEEE 802.11 WLAN standards, the primary purpose of which is to ensure data confidentiality on wireless networks at a level equivalent to that of wired LANs. A. ZigBee B. LEAP C. WEP D. Bluetooth
C. WEP
Which of the following components of web service architecture is an XML-based language that describes and traces the web services? A. UDDI B. WS-Policy C. WSDL D. WS-Security
C. WSDL
David, a technical support team member, leveraged the BYOD policy and copied confidential data into his device. He immediately tried to forward it to the rival company using the company's Wi-Fi network but failed to do so, as the company had enforced restrictions on sending corporate data to the outside network. Which of the following BYOD risks was demonstrated in the above scenario? A. infrastructure issues B. lost or stolen devices C. disgruntled employees D. lack of awareness
C. disgruntled employees
Identify the layer in IoT architecture that consists of all the hardware components, including sensors, RFID tags, readers, and plays an important part in data collection and connecting devices within the network. A. internet layer B. middleware layer C. edge technology layer D. access gateway layer
C. edge technology layer
Which of the following cloud deployment models is a combination of two or more clouds that remain unique entities but are bound together, where an organization makes available and manages certain resources in-house and obtains other resources externally? A. public cloud B. community cloud C. hybrid cloud D. multi cloud
C. hybrid cloud
Which of the following countermeasures help security professionals defend industrial devices and networks against OT attacks? A. use the default factory-set passwords B. enable unused services and functionalities C. implement incident response and business continuity plans D. avoid using anti-malware tools to scan systems and networks
C. implement incident response and business continuity plans
Robert, a security specialist, was appointed by a manufacturing company to design an interruptible production environment. He implemented the Purdue model, which divides the IT/OT network into separate zones. A zone in the Purdue model restricts the direct communication between IT and OT systems to continue production even if any errors are generated from the working systems. Which of the following zones of the Purdue model segregates the IT and OT systems to provide an uninterruptible production environment? A. manufacturing zone B. enterprise zone C. industrial demilitarized zone D. enterprise security zone
C. industrial demilitarized zone
Williams, an employee, was using his personal laptop within the organization's premises. He connected his laptop to the organization's internal network and began eavesdropping on the communication between other devices connected to the internal network. He sniffed critical information such as login credentials and other confidential data passing through the network. Identify the type of attack performed by Williams in the above scenario. A. phishing attack B. SQL injection attack C. insider attack D. replay attack
C. insider attack
Rocky, a professional hacker, targets an organization to perform a social engineering attack. He impersonated a legitimate employee of the company and requested the receptionist to send him important documents, as his files had been corrupted and he was required to send them immediately to the client. Which of the following vulnerable behaviors was showcased by Rocky in the above scenario? A. scarcity B. greed C. intimidation D. familiarity
C. intimidation
Irin, a cloud security architect, is a disgruntled ex-employee of an organization who has access to cloud resources and knows about the organization's cloud network. Using this information, she deliberately accesses the critical documents and compromises the sensitive information available in the cloud. Identify the cloud threat demonstrated in the above scenario. A. supply chain failure B. cloud provider acquisition C. malicious insiders D. isolation failure
C. malicious insiders
James, an attacker, targeted an industrial network to halt the operations of SCADA devices. He exploited a stack-based buffer overflow vulnerability in the operational software that resulted in a crash of the program that operates SCADA devices. Which of the following vulnerabilities is exploited by James in the above scenario? A. credential management B. lack of authentication C. memory corruption D. lack of authorization
C. memory corruption
Which of the following practices can allow attackers to evade the wireless authentication process? A. disable the network when not required B. enable server verification on the client side using 802.1X authentication C. never update drivers on all wireless equipment D. use a centralized server for authentication
C. never update drivers on all wireless equipment
In which of the following penetration testing phases does the tester need to restore the network to its original state, which includes cleaning up testing processes and removing vulnerabilities orderly until the systems return to their prior states? A. documenting phase B. attack phase C. post-attack phase D. pre-attack phase
C. post-attack phase
Which of the following countermeasures helps security teams defend against DoS and DDoS attacks on the network and system? A. configure the firewall to allow external ICMP traffic access B. disable TCP SYN cookie protection C. prevent the use of unnecessary functions such as gets and strcpy D. enable unused and insecure services
C. prevent the use of unnecessary functions such as gets and strcpy
Sam, a programmer, has developed an application on his own and wants to host it in the cloud. He searches for the best cloud service providers to host his application at low-cost maintenance and make it available to users across the globe. Which of the following cloud deployment models helps Sam in the above scenario? A. hybrid cloud B. private cloud C. public cloud D. community cloud
C. public cloud
An organization has implemented a BYOD policy that allows employees to bring their personal devices for business operations. One day, during lunchtime, Joseph, an employee, transferred project details to his colleague using freely available Wi-Fi. An attacker connected to the same Wi-Fi network sniffed the communication and gained access to the shared data. Which of the following BYOD risks was demonstrated in the above scenario? A. improperly disposing of devices B. disgruntled employees C. sharing confidential data on unsecured networks D. infrastructure issues
C. sharing confidential data on unsecured networks
Austen, a professional hacker, has targeted the IoT devices of an organization and plans to dig up the encryption details used by the devices. He uses a technique to extract information about the encryption keys used by the IoT devices by observing the emission of signals. Identify the attack technique employed by Austen in the above scenario. A. ransomware attack B. client impersonation C. side-channel attack D. DNS rebinding attack
C. side-channel attack
Identify the attack in which attackers use timing analysis and power analysis techniques to retrieve critical information from an OT system. A. malware attack B. spear phishing C. side-channel attack D. buffer overflow attack
C. side-channel attack
Smith, a professional hacker, was appointed to attack a target company's cloud server. He placed a malicious virtual machine on the same physical host where the target cloud server is present. Then, he launched timing, data remanence, acoustic cryptanalysis, and power monitoring attacks to extract cryptographic keys and steal the victim's credentials. Identify the type of attack performed by Smith in the above scenario. A. cloud hopper attack B. man-in-the-cloud attack C. side-channel attacks D. wrapping attack
C. side-channel attacks
In which of the following attacks do attackers exploit instant messaging platforms and use them to spread spam messages? A. SMiShing B. impersonation C. spimming D. pharming
C. spimming
Sam, a new employee at an organization, received a phishing mail from an unauthorized source on his official email ID. As Sam was not trained on email security, he opened the email and clicked on the malicious link within the email, allowing the attacker to gain backdoor access to the office network. Identify the threat source in the above scenario. A. structured external threats B. natural threats C. unintentional threats D. external threats
C. unintentional threats
Which of the following countermeasures should be followed to defend against session hijacking? A. allow the cross-site scripts known as a CSRF from the client side B. disable browsers to verify website authenticity C. use HPKP to allow users to authenticate web servers D. enable compression mechanisms of HTTP requests
C. use HPKP to allow users to authenticate web servers
Which of the following countermeasures helps security teams defend against sniffing attacks? A. use a hub instead of a switch B. always broadcast SSIDs C. use static IP addresses and ARP tables D. retrieve MAC addresses directly from OS instead of the NICs
C. use static IP addresses and ARP tables
Which of the following practices can make devices or networks vulnerable to password cracking attempts? A. using different passwords at the time of password change B. using a random string (salt) as a password prefix or suffix before performing encryption C. using the system's default passwords D. using passwords that are not available in the dictionary
C. using the system's default passwords
Edward, a professional hacker, targeted an organization's official web page to damage the company's reputation. He employed the SQL injection technique to access the targeted web page, applied unauthorized modifications to change its visual appearance, and displayed another page containing its own messages. Identify the attack technique utilized by Edward in the above scenario. A. DNS server hijacking B. web server misconfiguration C. website defacement D. directory traversal attack
C. website defacement
Identify the web-based attack in which the attacker makes unauthorized changes to a website's content that results in changes to the visual appearance of the web page or website. A. web server misconfiguration B. web cache poisoning attack C. website defacement D. directory traversal attack
C. website defacement
Given below is the list of tiers present in container technology architecture: 1. Orchestrators 2. Hosts 3. Developer machines 4. Registries 5. Testing and accreditation systems Identify the correct order of the tiers. A. 2 -> 3 -> 4 -> 1 -> 5 B. 5 -> 1 -> 3 -> 2 -> 4 C. 4 -> 3 -> 2 -> 1 -> 5 D. 3 -> 5 -> 4 -> 1 -> 2
D. 3 -> 5 -> 4 -> 1 -> 2
David, a professional hacker, has performed an attack to crack WPA2 encryption used in the target wireless network. He employed a tool from the Aircrack-ng Suite to switch his wireless interface from the managed mode to the monitor mode. Identify the tool employed by David in the above scenario. A. Wesside-ng B. Packetforge-ng C. Aireplay-ng D. Airmon-ng
D. Airmon-ng
Meghan, a professional hacker, was researching the latest vulnerabilities and practicing how to compromise them. She targeted an employee and performed footprinting to determine the make and model of the employee's Bluetooth-enabled device. She used the gathered information to create infographics of the model and manufacturer and analyzed the information to check whether the device had any exploitable vulnerabilities. Identify the type of attack performed by Meghan in the above scenario. A. BlueSniff B. Bluesnarfing C. Bluebugging D. BluePrinting
D. BluePrinting
Sam, a professional hacker, was assigned to attack Bluetooth-enabled devices at a coffee shop. He employed a process to compromise the Bluetooth devices that are set to discoverable mode, then sniffed sensitive data from targeted devices. Which of the following types of attack has Sam initiated in the above scenario? A. MAC flooding B. man-in-the-mobile C. Bluesmacking D. Bluebugging
D. Bluebugging
Alvin, a professional hacker, targeted the Bluetooth-enabled device of an employee in an organization that handles critical information. Alvin initiated an attack on the target device by sending an oversized ping packet, causing a buffer overflow. Identify the type of attack performed by Alvin in the above scenario. A. Btlejacking B. Bluejacking C. Bluebugging D. Bluesmacking
D. Bluesmacking
Rachel, a network pen tester, was inspecting her organization's network and web applications and was testing whether they were vulnerable to service disruption. She utilized a tool that could perform network stress testing and perform a DoS attack by flooding the server with TCP packets to interrupt the normal services. Which of the following tools was utilized by Rachel in the above scenario? A. Octoparse B. Wireshark C. Nmap D. Low Orbit Ion Cannon (LOIC)
D. Low Orbit Ion Cannon (LOIC)
Clark, a professional hacker, targeted an organization's network to steal credentials being shared during active sessions. He collected the physical address of the legitimate users connected to the switch port. Then, Clark started spoofing his physical address with the physical address of a legitimate client and received all the traffic destined for that client. Which of the following attacks has Clark performed in the above scenario? A. DHCP starvation attack B. ARP spoofing C. DNS spoofing D. MAC duplicating
D. MAC duplicating
Smith, a professional hacker, initiated a network sniffing attack on the switched Ethernet environment of a target organization. He employed an automated tool to flood the switch with a fake physical address until the switch translation table became full. When the switch entered fail-open mode, it started acting as a hub by broadcasting packets. Now, Smith could easily accomplish his goal of network sniffing. Identify the type of attack performed by Smith in the above scenario. A. ARP poisoning B. DHCP starvation C. DNS poisoning D. MAC flooding
D. MAC flooding
Which of the following practices can make mobile devices vulnerable to online attacks? A. disable wireless access such as Wi-Fi and Bluetooth if not in use B. maintain configuration control and management C. never connect two separate networks such as Wi-Fi and Bluetooth simultaneously D. always share the information within GPS-enabled apps
D. always share the information within GPS-enabled apps
Abin, an attacker intending to access the critical assets and computing devices of an organization, impersonated Sally, a system administrator. Abin masquerades as Sally and gathers critical information from computing devices of the target organization. Identify the type of insider threat demonstrated in the above scenario. A. negligent insider B. malicious insider C. professional insider D. compromised insider
D. compromised insider
Simon, a professional hacker, targets an organization to modify and tamper with the transmission and reception of signals between the IoT devices. For this reason, he uses the replay attack technique and performs one additional step, where he reverse-engineers the protocol to capture the original signal. Identify the type of attack performed by Simon in the above scenario. A. BlueBorne attack B. reconnaissance attack C. jamming attack D. cryptanalysis attack
D. cryptanalysis attack
Zara, a network administrator, implements defensive strategies in her organization to increase network security. She follows a list of security best practices to prevent DoS/DDoS attacks. Which of the following practices is not a defensive measure against DoS/DDoS attacks? A. block all inbound packets originating from the service ports to block the traffic from servers B. update the kernel to the latest release and disable unused and insecure services C. prevent the return addresses from being overwritten D. disable TCP SYN cookie protection
D. disable TCP SYN cookie protection
Which of the following countermeasures should be followed to protect against password cracking? A. always use any system's default passwords B. do not impose any restrictions on the password change policy C. use the same password at the time of password change D. do not use passwords that can be found in a dictionary
D. do not use passwords that can be found in a dictionary
Which of the following practices can help security teams defend the application against password cracking attempts? A. use passwords that can be found in a dictionary B. disable account lockout with a certain number of attempts C. allow the display of passwords onscreen D. ensure that applications neither store passwords to memory nor write them to disk
D. ensure that applications neither store passwords to memory nor write them to disk
Moses recently purchased an HP laptop to fulfill his business needs, and he did not change the default password of the laptop set by the manufacturer. Clark, a disgruntled employee working with Moses, decided to steal critical business information from his laptop. Clark used an online tool to obtain the default password to access the target laptop successfully. Identify the online tool employed by Clark to search default passwords. A. https://www.intelius.com B. https://www.hoovers.com C. https://www.exploit-db.com D. https://www.open-sez.me
D. https://www.open-sez.me
In which of the following layers of the vulnerability stack do security professionals configure solutions such as IDS and IPS to raise alarms if any malicious traffic enters a target server? A. layer 3 B. layer 5 C. layer 7 D. layer 1
D. layer 1
Identify the layer in IoT architecture that acts as an interface between the application and hardware layer and is responsible for data management, device management, data analysis, data aggregation, and data filtering. A. internet layer B. edge technology layer C. application layer D. middleware layer
D. middleware layer
Identify the activity that focuses on real-time attacks instead of discovering a specific vulnerability and demonstrates if attackers can successfully exploit the vulnerabilities in the system. A. security audit B. vulnerability scanning C. vulnerability assessment D. penetration testing
D. penetration testing
Don, a professional hacker, initiated an attack on a target organization. During the course of this attack, he employed automated tools to collect maximum weak points, vulnerabilities, and other sensitive information across the target network. Which of the following phases of cyber kill chain methodology is Don currently executing in the above scenario? A. delivery B. exploitation C. command and control D. reconnaissance
D. reconnaissance
John, a professional hacker, targeted an employee of an organization to intrude and gain access to the corporate network. He employed a sniffer to capture packets and authentication tokens between the employee and the organization's server. After extracting relevant information, he transmitted the captured tokens back to the server to gain access as a legitimate user. Identify the type of attack performed by John in the above scenario. A. rainbow table attack B. brute-force attack C. LLMNR/NBT-NS poisoning D. replay attack
D. replay attack
Serin, a professional hacker, injected a backdoor into a target system that specifically attacked the root or system OS. When the backdoor is executed, he will obtain administrator-level access to the target system. Identify the type of malware utilized by Serin in the above scenario. A. point-of-sale trojans B. service protocol trojans C. e-banking trojans D. rootkit trojans
D. rootkit trojans
Which of the following roles in a web service is a place where the provider loads service descriptions and discovers the service and retrieves binding data from the service descriptions? A. service provider B. service requester C. service description D. service registry
D. service registry
Which of the following malware masks itself as a benign application or software that initially appears to perform a desirable or benign function but steals information from a system? A. worm B. virus C. keylogger D. trojan
D. trojan
Given below is the syntax of the nbtstat command. nbtstat [-a RemoteName] [-A IP Address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval] Which of the following Nbtstat parameters in the above syntax purges the name cache and reloads all #PRE-tagged entries from the Lmhosts file? A. -R B. -r C. -s D. -RR
A. -R
Identify the Nbtstat parameter that displays a count of all names resolved by a broadcast or WINS server. A. -r B. -c C. -R D. -S
A. -r
Given below are different steps involved in password guessing. 1. Find a valid user 2. Rank passwords from high to low probability 3. Create a list of possible passwords 4. Key in each password until the correct password is discovered What is the correct sequence of steps involved in password guessing? A. 1 -> 3 -> 2 -> 4 B. 1 -> 2 -> 3 -> 4 C. 2 -> 3 -> 4 -> 1 D. 2 -> 3 -> 1 -> 4
A. 1 -> 3 -> 2 -> 4
Which of the following countermeasures helps security professionals secure the cloud network from cryptojacking attacks? A. review all third-party components used by the company's websites B. always preserve three different copies of the data in the same place C. never allow browser extensions to scan and terminate scripts D. never implement CoinBlocker URL and blackholing in the firewall
A. review all third-party components used by the company's websites
Alice, a professional hacker, targeted a manufacturing plant to disrupt their operations. She sent a fraudulent email to an employee with an attachment containing a malicious file that appears to be a legitimate production and sales report. Soon after the employee downloaded the attachment, it injected malware, started damaging the resources, and started spreading itself to other systems connected to the network. Identify the type of attack launched by Alice in the above scenario. A. spear phishing B. protocol abuse C. side-channel attack D. DoS attack
A. spear phishing
Which of the following guidelines should be implemented to protect connections against session hijacking? A. use strings or long random numbers as session keys B. use the same usernames and passwords for different accounts C. include the session ID in the URL or query string D. pass authentication cookies over HTTP connections
A. use strings or long random numbers as session keys
Which of the following countermeasures helps security teams protect the cloud environment against online threats? A. verify one's own cloud in public domain blacklists B. allow user credentials sharing among users, applications, and services C. do not disclose applicable logs and data to customers D. never update customers with infrastructure information and firewall details
A. verify one's own cloud in public domain blacklists
Martin, a professional hacker, targeted Gary, CEO of TechNetSol Inc., to steal his bank account credentials. He crafted a message stating that Gary's bank account was locked and that Gary needed to click on a link and log in to activate it. Gary panicked and clicked the link, revealing his credentials to Martin. Identify the type of attack Martin performed on Gary in the above scenario. A. whaling B. spam email C. SMiShing D. chain letters
C. SMiShing
Which of the following components in the Docker engine is the command-line interface used to communicate with the daemon? A. server B. REST API C. dockerd D. client CLI
D. client CLI
Mark, a professional hacker, scanned the target system to check for running services or open ports. After successful scanning, he discovered an open FTP port, exploited it to install malware, and performed malicious activities on the victim system. In which of the following ways did Mark install malware in the victim system? A. file sharing services B. insecure patch management C. email attachments D. rogue/decoy applications
A. file sharing services
Which of the following types of threat actors helps both hackers find various vulnerabilities in a system and vendors improve products by checking limitations to make them more secure? A. gray hats B. white hats C. black hats D. organized hackers
A. gray hats
Steve, a forensic expert, was appointed to evaluate an attack initiated on the organization's network. He performed an overall assessment of the network to identify the cause. During this process, he identified outbound connections to Internet services and a few applications running with debugging enabled. Which of the following categories of vulnerabilities did Steve identify in the above scenario? A. misconfiguration B. operating system flaws C. design flaws D. buffer overflows
A. misconfiguration
Nicholas, a software developer, develops an application. Before launching it, he asks Anna, a pen tester, to review it and find out whether there were any security loopholes in the application. Anna performed penetration testing and found out that the application included untrusted data on the web page. There was no proper validation or escaping, and it was susceptible to several attacks if not patched. Which of the following application security risks was identified by Anna in the above scenario? A. cross-site scripting (XSS) B. insufficient monitoring C. sensitive data exposure D. XML external entity (XXE)
A. cross-site scripting (XSS)
Joseph, a professional hacker, targeted an employee of an organization to intrude and gain access to the network. He initiated the attack using sniffers to capture packets and authentication tokens between the employee and the server he was communicating with. After intercepting the messages, he started continuously sending the intercepted messages to the server. Identify the type of attack performed by Joseph in the above scenario. A. replay attack B. dictionary attack C. rainbow table attack D. brute-force attack
A. replay attack
Which of the following countermeasures helps security professionals defend against DoS/DDoS attacks? A. secure remote administration and connectivity testing B. allow data processed by the attacker from being executed C. allow the transmission of fraudulently addressed packets at the ISP level D. make use of functions such as gets and strcpy
A. secure remote administration and connectivity testing
Which of the following practices make devices and networks vulnerable to OT attacks? A. use the default factory-set passwords B. perform periodic audits of industrial systems C. disable unused ports and services D. ensure ICS vendors add cryptographic signatures to application updates
A. use the default factory-set passwords
David, a network administrator, was assigned to analyze the network for signatures of a session hijacking attack on an organization. David captured all the network traffic using packet sniffing tools and used various filters to find any repeated ARP update packets. Which of the following methods has David employed in the above scenario to detect session hijacking attacks? A. intrusion detection system B. manual method C. intrusion prevention system D. automatic method
B. manual method
Don, a professional hacker, targeted an organization and decided to disrupt its online services. Don initiated an attack by manipulating the input fields of the target web application. He injected a query "SELECT * FROM EMP WHERE EMP.EID = 1001 AND EMP.ENAME = 'David'" by concatenating the delimiter (;) and a malicious query to the original query as "SELECT * FROM EMP WHERE EMP.EID = 1001 AND EMP.ENAME = 'Bob'; DROP TABLE DEPT;". On execution of the injected malicious query in place of the original one, the DBMS dropped the table DEPT from the target database. Which of the following types of SQL injection attack has Don performed in the above scenario? A. tautology B. piggybacked query C. logical incorrect query D. illegal incorrect query
B. piggybacked query
Jane, a third-party security auditor, received an email from one of her client organizations seeking advice on securing corporate data on the cloud environment. Jane suggested a cloud deployment model that provides full control over corporate data and can be managed within the organization. Which of the following cloud deployment models has Jane suggested to the organization? A. public cloud B. private cloud C. community cloud D. multi cloud
B. private cloud
Which of the following malware tricks the computer users into visiting malware-infested websites by telling the target user that their machine has been infected with malware? A. spyware B. scareware C. rootkit D. worm
B. scareware
Sam, a professional penetration tester, was assigned to perform pen testing on an organization's internal network. He employed commercial pen testing software that can execute multiple tests simultaneously. While Sam triggered the test, the software overloaded the network, which led to network interruption. Which of the following risks has Sam faced in the above scenario? A. use reserved addresses B. use throttled tools C. use indirect testing D. delay the effect of a test
B. use throttled tools
Which of the following countermeasures helps a security specialist defend the application against SQL injection attacks? A. integrate database server and web server B. never use SSL for all authenticated parts of the application C. run a database service account with minimal rights D. use dynamic SQL and construct queries with the user input
C. run a database service account with minimal rights
Identify the attack in which an attacker exploits vulnerabilities that evolve from the unsafe use of functions in an application in public web servers to send crafted requests to the internal or backend servers. A. web server misconfiguration B. SSH brute force C. server-side request forgery D. web server password cracking
C. server-side request forgery
Smith, a professional hacker, has performed an attack on an organization's employees by taking advantage of a security flaw present in a wireless access point. He changed the SSID of a rogue access point with the SSID of the organization's access point and sent beacons advertising the rogue AP to lure employees into connecting to it. Consequently, Smith gained access to sensitive information such as the usernames and passwords of connected users. Identify the type of attack performed by Smith in the above scenario. A. Ad-Hoc connection attack B. Honeypot AP attack C. Misconfigured AP attack D. Client mis-association attack
D. Client mis-association attack
Smith, a network administrator, was instructed to enhance wireless security and implement a centralized authentication mechanism for clients. To achieve this, Smith implemented a wireless encryption technology that uses EAP or RADIUS for centralized client authentication using multiple authentication methods, such as token cards, Kerberos, and certificates. Which of the following technologies has Smith implemented in the above scenario? A. WPA2-Personal B. WPA3-Enterprise C. WPA3-Personal D. WPA2-Enterprise
D. WPA2-Enterprise
Which of the following security risks can disclose internal files using the file URI handler, internal SMB file shares on unpatched Windows servers, internal port scanning, remote code execution, and DoS service attacks such as the billion laughs attack? A. cross-site scripting (XSS) B. broken authentication C. command injection D. XML external entity (XXE)
D. XML external entity (XXE)
Which of the following components of a wireless network is used to connect wireless devices to a wireless/wired network and serves as a switch between a wired LAN and wireless network? A. association B. basic service set identifier C. bandwidth D. access point
D. access point
Which of the following practices is NOT a countermeasure for defending against sniffing attacks? A. avoid broadcasting SSIDs (session set identifiers) B. use static IP addresses and ARP tables C. change default passwords to complex passwords D. always use HTTP to protect username and passwords
D. always use HTTP to protect username and passwords
Bob has recently installed smart CCTV devices outside his home. These smart CCTV devices send alerts to his mobile over the Internet whenever the camera encounters suspicious activity. When Bob was at his workspace, he received a cautionary MMS alert via email related to CCTV displaying footage of unusual activity. Which of the following components of IoT technology collected the incident data from CCTV devices and forwarded the information to Bob in the above scenario? A. hubs B. bridges C. switches D. gateways
D. gateways
Which of the following guidelines should be followed to eliminate the risk of session hijacking? A. include the session ID in the URL or query string B. use hubs rather than switches C. never protect authentication cookies with SSL D. implement timeout() to destroy sessions when expired
D. implement timeout() to destroy sessions when expired
While performing web application testing, Ruben, a software developer, found out that the web application failed to protect sensitive traffic flowing in the network. Additionally, the web application supported weak algorithms and used expired or invalid certificates, making it susceptible to various attacks that revealed user data. Identify the security misconfiguration detected by Ruben in the above scenario. A. improper error handling B. parameter/form tampering C. unvalidated inputs D. insufficient transport layer protection
D. insufficient transport layer protection
Identify the cloud deployment model representing a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals. A. public cloud B. community cloud C. private cloud D. multi cloud
D. multi cloud
Ginita, a penetration tester, has recently joined the organization, and she is asked to conduct a security assessment to evaluate its overall security. She followed an adversarial goal-based assessment approach, in which she mimicked a real attacker and targeted an environment to perform the testing. Identify the type of penetration testing approach followed by Ginita in the above scenario. A. goal-oriented penetration testing approach B. compliance-oriented penetration testing approach C. objective-oriented penetration testing approach D. red-team-oriented penetration testing approach
D. red-team-oriented penetration testing approach
Julius, a professional hacker, impersonates an external auditor and tries to initiate a conversation with one of the employees of his target organization. He encouraged the employee to ask questions and then manipulated certain questions to draw out the required information. Which of the following attack techniques was portrayed by Julius in the above scenario? A. dumpster diving B. tailgating C. piggybacking D. reverse social engineering
D. reverse social engineering
Joseph, an administrator in an organization, has installed server software on a machine. Soon after installing the software, he updated the server machine with all the necessary solutions to secure the server and the network. Which of the following security practices does Joseph need to follow to secure the web server? A. use the same user account for each application if multiple web applications are hosted B. store website files and scripts on the same drive C. allow remote registry administration D. screen and filter incoming traffic requests
D. screen and filter incoming traffic requests
Which of the following components in a web server uses a technique where multiple domains can be placed on the same server and allows sharing of resources among various servers? A. virtual document tree B. web proxy C. document root D. virtual hosting
D. virtual hosting
Rogers, an administrator, has installed new software on an employee's system and forgot to change the credentials provided by the software vendor. Robert, an attacker, on the other hand, browsed an online resource to obtain credentials provided by the software vendor and used those credentials to gain remote access to the employee's system to steal valuable data. Identify the type of vulnerability demonstrated in the above scenario. A. IP protocol vulnerabilities B. default password and settings C. TCP protocol vulnerabilities D. operating system vulnerabilities
B. default password and settings
Identify the type of threat actors that include groups of individuals or communities involved in organized, planned, and prolonged criminal activities and who exploit victims from distinct jurisdictions on the Internet, making them difficult to locate. A. industrial spies B. black hats C. insiders D. criminal syndicates
D. criminal syndicates
An organization located in Europe maintains a large amount of user data by following all the security-related laws. It also follows GDPR protection principles, one of which states that the organization should only collect and process data necessary for the specified task. Which of the following GDPR protection principles is discussed in the above scenario? A. accuracy B. purpose limitation C. lawfulness, fairness, and transparency D. data minimization
D. data minimization
The following are the steps involved in the web application mechanism to fetch user-requested data from a database. 1. The user enters the website name or URL in the browser. Then, the user's request is sent to the web server. 2. The web application server then accesses the database to perform the requested task by updating or retrieving the information stored on it. 3. On receiving the request, the web server checks the file extension. 4. After processing the request, the web application server finally sends the results to the web server, which in turn sends the results to the user's browser. 5. The web server passes the user's request to the web application server, which processes the user's request. What is the correct order involved in the web application mechanism when a user enters a URL in a browser? A. 1 -> 5 -> 4 -> 2 -> 3 B. 1 -> 2 -> 3 -> 4 -> 5 C. 1 -> 4 -> 3 -> 5 -> 2 D. 1 -> 3 -> 5 -> 2 -> 4
D. 1 -> 3 -> 5 -> 2 -> 4
Identify the Kubernetes feature that describes managing a cluster of nodes that run containerized applications and allocating and deallocating resources to the containers. A. automated rollouts and rollbacks B. automatic bin packing C. service discovery D. self-healing
B. automatic bin packing
Which of the following countermeasures helps administrators secure the cloud network from side-channel attacks? A. never code the applications and OS components to restrict access to shared resources B. check for repeated access attempts to local memory C. do not implement random encryption and decryption D. never implement virtual firewall in the cloud server backend
B. check for repeated access attempts to local memory
Identify the type of insiders who are uneducated on the latest potential security threats or simply bypass general security procedures to achieve workplace efficiency. A. professional insider B. negligent insider C. compromised insider D. malicious insider
B. negligent insider
Which of the following cloud-based attacks involves an adversary interrupting the SOAP message in the TLS layer, duplicating the body of the message, and sending it to the server as a legitimate user that results in intrusion into the cloud and execution of malicious code? A. cloud hopper attack B. wrapping attack C. cloud cryptojacking D. side-channel attacks
B. wrapping attack
In which of the following social engineering attacks do attackers install small cameras to record the victim's system's actions to obtain login details and other sensitive information? A. dumpster diving B. piggybacking C. shoulder surfing D. tailgating
C. shoulder surfing
Samson, a security professional, is assigned a task to monitor communication, detect threats, and secure all BYOD devices in the organization. He deployed a tool that provides comprehensive protection for iOS and Android devices against mobile network, device, and application cyberattacks. Which of the following tools was utilized by Samson to secure the BYOD devices? A. L0phtCrack B. OllyDbg C. Nimbostratus D. Zimperium's zIPS
D. Zimperium's zIPS
Which of the following practices makes web servers vulnerable to various online attacks? A. relocate sites and virtual directories to non-system partitions B. enable a minimum level of auditing on the web server C. use server-side session ID tracking and match connections with timestamps D. apply unrestricted ACLs and allow remote registry administration
D. apply unrestricted ACLs and allow remote registry administration
Which of the following practices helps security professionals secure the network from wireless threats? A. avoid using SSID cloaking B. always use network name in passphrases C. enable remote router login and wireless administration D. limit the strength of the wireless network
D. limit the strength of the wireless network
Identify the assessment that is used to evaluate whether the security of a company's information fulfills a set of established criteria and ensures that the company is in compliance with its regulations, security policy, and legal responsibilities. A. vulnerability assessment B. penetration testing C. vulnerability scanning D. security audit
D. security audit
Which of the following fileless propagation techniques involves exploiting pre-installed tools in Windows OS such as PowerShell and Windows Management Instrumentation (WMI) to install and run malicious code? A. native applications B. phishing emails C. registry manipulation D. malicious websites
A. native applications
Irin is a security professional in an organization. The organization instructed her to investigate a security incident that exposed critical information such as credit card/debit card details, account holder name, and CVV number. While investigating the incident, Irin found that the systems are infected with financial fraudulent malware that targeted the payment equipment. Identify the type of malware detected by Irin in the above scenario. A. point-of-sale trojans B. rootkit trojans C. backdoor trojans D. service protocol trojans
A. point-of-sale trojans
In which of the following hacking phases do attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch further attacks? A. scanning B. reconnaissance C. gaining access D. clearing tracks
A. scanning
Anisha, a shopping freak, frequently uses many online websites for purchasing products without checking their legitimacy. While doing so, she unknowingly clicked on one of the shopping commercials expecting it to be authentic. However, this activity made her lose a huge amount of money from her account. Identify the technique employed to distribute malware in the above scenario. A. black hat search engine optimization B. malvertising C. drive-by downloads D. spam emails
B. malvertising
Andrew, a professional hacker, drafts an email that appears to be legitimate and attaches malicious links to lure victims; he then distributes it through communication channels or mails to obtain private information like account numbers. Identify the type of attack vector employed by Andrew in the above scenario. A. botnet B. phishing C. ransomware D. insider attack
B. phishing
Melvin, an attacker, targeted an administrator of the targeted organization to gain unauthorized access to its server machine. He created a lookup file containing precomputed hashes of the password previously obtained using brute-force attempts. He compared these hashes with the administrator credentials and discovered a match to access the server. Identify the attack technique implemented by Melvin in the above scenario. A. keyloggers B. rainbow table attack C. pass-the-ticket attack D. wiretapping attack
B. rainbow table attack
Lucifer, a professional hacker, targeted an organization for certain financial benefits. He employed a technique that sniffs out credentials during transit by capturing Internet packets from the target network. Using this technique, Lucifer gained passwords to rlogin sessions. Identify the type of attack performed by Lucifer in the above scenario. A. hash injection B. wiretapping C. keyloggers D. pass-the-ticket
B. wiretapping
Identify the type of software vulnerability that occurs due to coding errors and allows the attackers to gain access to the target system. A. unpatched servers B. open services C. misconfiguration D. buffer overflow
D. buffer overflow
Joe, a professional hacker, initiated an attack against Bob by tricking him into downloading a free software program embedded with a keylogger labeled as trusted. As the program was labeled trusted, the antivirus software installed on Bob's system failed to identify it as malicious software. As a result, the malicious software recorded all the keystrokes entered by Bob and transmitted them to Joe. Identify the application Joe employed in the above scenario to lure Bob into installing malicious software. A. insecure patch management B. instant messenger applications C. email attachments D. rogue applications
D. rogue applications